[cyber] I: p8/branch packages: +1 (17799)

QA Team Robot qa на altlinux.org
Вс Авг 13 07:44:56 MSK 2017 

	1 UPDATED package

chromium - An open source web browser developed by Google       	[639M]
* Thu Aug 10 2017 Andrey Cherepanov <cas на altlinux> 60.0.3112.78-alt0.M80P.1
- Backport new version to p8 branch
* Tue Aug 01 2017 Alexey Gladkov <legion на altlinux> 60.0.3112.78-alt1
- New version (60.0.3112.78).
- Security fixes:
  - CVE-2017-5091: Use after free in IndexedDB. Reported by Ned Williamson on 2017-06-02
  - CVE-2017-5092: Use after free in PPAPI. Reported by Yu Zhou, Yuan Deng of Ant-financial Light-Year Security Lab on 2017-06-15
  - CVE-2017-5093: UI spoofing in Blink. Reported by Luan Herrera on 2015-10-31
  - CVE-2017-5094: Type confusion in extensions. Reported by Anonymous on 2017-03-19
  - CVE-2017-5095: Out-of-bounds write in PDFium. Reported by Anonymous on 2017-06-13
  - CVE-2017-5096: User information leak via Android intents. Reported by Takeshi Terada on 2017-04-23
  - CVE-2017-5097: Out-of-bounds read in Skia. Reported by Anonymous on 2017-07-11
  - CVE-2017-5098: Use after free in V8. Reported by Jihoon Kim on 2017-07-11
  - CVE-2017-5099: Out-of-bounds write in PPAPI. Reported by Yuan Deng, Yu Zhou of Ant-financial Light-Year Security Lab on 2017-06-15
  - CVE-2017-5100: Use after free in Chrome Apps. Reported by Anonymous on 2017-05-04
  - CVE-2017-5101: URL spoofing in OmniBox. Reported by Luan Herrera on 2017-01-17
  - CVE-2017-5102: Uninitialized use in Skia. Reported by Anonymous on 2017-05-30
  - CVE-2017-5103: Uninitialized use in Skia. Reported by Anonymous on 2017-05-25
  - CVE-2017-5104: UI spoofing in browser. Reported by Khalil Zhani on 2017-06-02
  - CVE-2017-7000: Pointer disclosure in SQLite. Reported by Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative
  - CVE-2017-5105: URL spoofing in OmniBox. Reported by Rayyan Bijoora on 2017-06-06
  - CVE-2017-5106: URL spoofing in OmniBox. Reported by Jack Zac on 2017-04-24
  - CVE-2017-5107: User information leak via SVG. Reported by David Kohlbrenner of UC San Diego on 2017-01-27
  - CVE-2017-5108: Type confusion in PDFium. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2017-02-24
  - CVE-2017-5109: UI spoofing in browser. Reported by Jose Maria Acuna Morgado on 2017-04-11
  - CVE-2017-5110: UI spoofing in payments dialog. Reported by xisigr of Tencent's Xuanwu Lab on 2017-05-02
* Mon Jun 12 2017 Andrey Cherepanov <cas на altlinux> 59.0.3071.86-alt0.M80P.1

Total 17799 source packages.

Подробная информация о списке рассылки Sisyphus-cybertalk